<?php  
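	/* Resume the visitor's session; this page only reads $_SESSION['participantId'], it never sets it. */
	session_start();
	
	/* Status messages shown under the forms (empty = nothing to report).
	   They are echoed as raw HTML in the page body, so only fixed markup
	   may ever be assigned to them, never request or database values. */
	$MSG_startStudy = "";
	$MSG_accessData = "";
	$MSG_deleteData = "";
	
	/* Project classes and configuration used to talk to the database.
	   require_once makes a missing file stop the request instead of letting it
	   continue with undefined credential constants, and avoids loading a file twice. */
	require_once("classes/Mail.class.php");
	require_once("classes/database.class.php");
	require_once("includes/define.php");
	/* MYSQL_DB_* are presumably defined in includes/define.php; confirm. */
	$bd = new Database(MYSQL_DB_HOST,MYSQL_DB_LOGIN,MYSQL_DB_PASSWORD,MYSQL_DB_NAME);	

	date_default_timezone_set('Europe/Paris');
	/* A single date() call: three separate calls could straddle midnight and
	   produce a date that never existed. The value is compared with sessions.date. */
	$today = date("Y-m-d");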
	
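	/*
	 * Request dispatch for the participant panel: exactly one branch runs per request.
	 *
	 * Security notes:
	 *  - Every redirect is followed by exit. header() only queues a response header;
	 *    without exit the script keeps running, so an unauthenticated visitor would
	 *    still reach the queries and the page body.
	 *  - Values concatenated into SQL are passed through mysql_real_escape_string(),
	 *    the escaping function of the same legacy mysql extension this file already
	 *    uses. Its correctness depends on the connection charset; prepared statements
	 *    (PDO/mysqli) are the durable fix but require changes to the Database class,
	 *    which is not visible here.
	 *  - NOTE(review): depending on web-server configuration SERVER_NAME can be taken
	 *    from the request's Host header; confirm the server pins a canonical name.
	 *  - NOTE(review): none of the POST actions below checks an anti-CSRF token.
	 */
	if(!isset($_SESSION['participantId']))
	{
		/* Not logged in: send the visitor to the index and stop. */
		$bd->close();
		header("Location: http://".$_SERVER['SERVER_NAME']);
		exit;
	}
	/* Logout */
	elseif(isset($_POST['logout']))
	{
		session_destroy();
		$bd->close();
		header("Location: http://".$_SERVER['SERVER_NAME']);
		exit;
	}
	/* Start a session of a study from the code typed by the participant */
	elseif(isset($_POST['newSession']))
	{
		/* session_code is request data: accept only a string (an array would be
		   concatenated as "Array") and escape it before it reaches any query. */
		$sessionCode = (isset($_POST['session_code']) && is_string($_POST['session_code'])) ? $_POST['session_code'] : '';
		$SQL_sessionCode = mysql_real_escape_string($sessionCode);
		/* Where participantId is written into the session is not visible here,
		   so it is escaped as well rather than trusted. */
		$SQL_participantId = mysql_real_escape_string((string) $_SESSION['participantId']);
		
		$DATABASE_Sessions = $bd->query("SELECT * FROM sessions WHERE sessionId = '".$SQL_sessionCode."';");
		$DATABASE_Session = mysql_fetch_assoc($DATABASE_Sessions);
		
		if(mysql_num_rows($DATABASE_Sessions) > 0)
		{
			/* studyId comes back from the database; escaping it guards against second-order injection. */
			$DATABASE_Study = $bd->query("SELECT * FROM studies WHERE studyId = '".mysql_real_escape_string((string) $DATABASE_Session['studyId'])."';");
			$DATABASE_Study = mysql_fetch_assoc($DATABASE_Study);
			
			/* A study with no endDate is still open. */
			if($DATABASE_Study['endDate'] == NULL)
			{
				/* The session code is only valid on its scheduled day. */
				if($DATABASE_Session['date'] == $today )
				{
					$DATABASE_participantSessions = $bd->query("SELECT * FROM participantsSessions WHERE participantId = '".$SQL_participantId."' AND sessionId = '".$SQL_sessionCode."';");
					/* Refuse a second run once any earlier attempt at this session was finished. */
					$isSessionDone = false;
					while(($DATABASE_participantSession = mysql_fetch_assoc($DATABASE_participantSessions)) && ($isSessionDone == false))
					{
						if($DATABASE_participantSession['isFinished'] == 1)
						{	
							$isSessionDone = true;
						}
					}
					if($isSessionDone == false)
					{
						$bd->query("INSERT INTO participantsSessions (participantId, sessionId) VALUES ('".$SQL_participantId."','".$SQL_sessionCode."');");
						$DATABASE_participantSessionID = mysql_insert_id();
						$bd->close();
						
						/* Remember the new participation row for the questionnaire pages, then leave this page. */
						$_SESSION['participantSessionId'] = $DATABASE_participantSessionID;
						header("Location: http://".$_SERVER['SERVER_NAME']."/panas.php");
						exit;
					}
					else { $MSG_startStudy = "<p class='error'>Vous avez déjà participé à cette session.</p>"; } 
				}
				else { $MSG_startStudy = "<p class='error'>La session n'est pas valable aujourd'hui.</p>"; }
			}
			else { $MSG_startStudy = "<p class='error'>L'étude a été fermée.</p>"; }
		}
		else { $MSG_startStudy = "<p class='error'>Aucune session ne correspond à ce code.</p>"; }
		
		/* The connection is deliberately left open here: the participant lookup that
		   follows this dispatch still needs it and closes it afterwards. Closing it at
		   this point would make that lookup run on a closed connection (unless
		   Database::query() reconnects, which cannot be confirmed from this file). */
	}
	/* The participant wants to access their data */
	elseif(isset($_POST['accessData']))
	{
		$SQL_participantId = mysql_real_escape_string((string) $_SESSION['participantId']);
		
		$DATABASE_participantSessions = $bd->query("SELECT * FROM participantsSessions WHERE participantId = '".$SQL_participantId."';");
		if(mysql_num_rows($DATABASE_participantSessions) != 0)
		{
			/* Data becomes accessible as soon as one study the participant took part in has an endDate. */
			$isStudyAccessible = false;
			while(($DATABASE_participantSession = mysql_fetch_assoc($DATABASE_participantSessions)) && ($isStudyAccessible == false))
			{
				$DATABASE_Session = $bd->query("SELECT * FROM sessions WHERE sessionId = '".mysql_real_escape_string((string) $DATABASE_participantSession['sessionId'])."';");
				$DATABASE_Session = mysql_fetch_assoc($DATABASE_Session);
				
				$DATABASE_participantStudy = $bd->query("SELECT * FROM studies WHERE studyId = '".mysql_real_escape_string((string) $DATABASE_Session['studyId'])."';");
				$DATABASE_participantStudy = mysql_fetch_assoc($DATABASE_participantStudy);
				
				if($DATABASE_participantStudy['endDate'] != NULL)
				{
					$isStudyAccessible = true;
				}
			}
			if($isStudyAccessible)
			{
				$bd->close();
				header("Location: http://".$_SERVER['SERVER_NAME']."/studyparticipant.php");
				exit;
			}
			else { $MSG_accessData = "<p class='error'>Vous pourrez accéder à vos données une fois l'étude finie.</p>"; }
		}
		else { $MSG_accessData = "<p class='error'>Vous n'avez, actuellement, participé à aucune étude.</p>"; }
	}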
	
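	/* Load the logged-in participant's profile row for the page body.
	   The id is escaped before it is concatenated into the query: where it is
	   written into the session is not visible in this file, so it is not trusted.
	   A missing id yields an empty string, which is expected to match no row. */
	$SQL_participantId = mysql_real_escape_string(isset($_SESSION['participantId']) ? (string) $_SESSION['participantId'] : '');
	$DATABASE_Infosparticipant = $bd->query("SELECT * FROM participants WHERE participantId = '".$SQL_participantId."';");
	$DATABASE_Infosparticipant = mysql_fetch_assoc($DATABASE_Infosparticipant);
	
	/* Last query of the request: release the connection. */
	$bd->close();
	
	/* mysql_fetch_assoc() returns false when no row matches; fall back to explicit
	   nulls so the template below never indexes into a non-array. */
	if(!is_array($DATABASE_Infosparticipant))
	{
		$DATABASE_Infosparticipant = array(
			'participantId' => null,
			'birthYear' => null,
			'birthMonth' => null,
			'gender' => null,
			'mail' => null
		);
	}
	
	$participantId = $DATABASE_Infosparticipant['participantId'];
	$birthYear = $DATABASE_Infosparticipant['birthYear'];
	$birthMonth = $DATABASE_Infosparticipant['birthMonth'];
	$gender = $DATABASE_Infosparticipant['gender'];
	$mail = $DATABASE_Infosparticipant['mail'];
	/* The gender is cached in the session, presumably for later pages; confirm against their use. */
	$_SESSION['gender'] = $gender;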
?>

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="style.css"/>
<title> Panneau étudiant </title>
</head>

<body>

	<div id="participant">
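		<h1> <?php /* HTML-escape the id: it is stored data, not markup. */ echo htmlspecialchars($_SESSION['participantId'], ENT_QUOTES, 'UTF-8'); ?> </h1>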

		<form method="post" action="participant.php">
			<input type="submit" name="logout" value="Déconnexion"/>
		</form>

		<br/>
		<hr/>
		
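		<?php
			/* Profile summary. The values come from the participants row and are
			   HTML-escaped on output: the mail address in particular is free text
			   (presumably editable through informations.php), so printing it raw
			   would let stored markup or script run in this page. */
			echo "<p>";
			if($gender == 1){ echo "masculin"; } else { echo "feminin"; }
			echo "<br/>".htmlspecialchars($birthMonth, ENT_QUOTES, 'UTF-8')."/".htmlspecialchars($birthYear, ENT_QUOTES, 'UTF-8')."<br/>".htmlspecialchars($mail, ENT_QUOTES, 'UTF-8');
			echo "</p>";
		?>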
		
		<form method="post" action="informations.php">
			<input type="submit" name="newparticipant" value="Modifier mes infos"/>
		</form>
		
		<br/>
		<hr/>
		<br/>
		
		<form method="post" action="participant.php">
			<input type="text" name="session_code" placeholder="code de session"/> <br/> <br/>
			<input type="submit" name="newSession" value="Démarrer"/>	
		</form>
		<?php /* Echoed raw on purpose: $MSG_startStudy only ever holds fixed markup assigned in this file. Never put request or database values in it. */ echo $MSG_startStudy; ?>
		
		<br/>
		<hr/>
		<br/>
		
		<form method="post" action="participant.php">
			<input type="submit" name="accessData" value="Accéder à mes données"/>
		</form>
		<?php /* Echoed raw on purpose: $MSG_accessData only ever holds fixed markup assigned in this file. Never put request or database values in it. */ echo $MSG_accessData; ?>
		
		<p>Pour la suppression de vos données, veuillez contacter la personne en charge de l'étude.</p>
	</div>
	
</body>
</html>